Cisco Releases August 2025 ASA, FMC, and FTD Software Security Advisory Bundled Publication

21 advisories are included in the semi-annual Cisco Adaptive Security Appliance Software (ASA), Firepower Management Center (FMC) Software, and Firepower Threat Defense (FTD) Software Security Advisory bundled publication

Threat ID:: CC-4693
Threat Severity:: Medium
Published:: 15 August 2025 12:12 PM

Report a cyber attack: call 0300 303 5222 or email [email protected]

Summary

Affected platforms

The following platforms are known to be affected:

Cisco FirePower Threat Defense (FTD)

Cisco Adaptive Security Appliance (ASA) Software

Cisco Firepower Management Center (FMC) Software

Threat details

Cisco Software Checker

To help customers determine their exposure to vulnerabilities in Cisco ASA, FMC, and FTD Software, Cisco provides the Cisco Software Checker. This tool identifies any Cisco security advisories that impact a specific software release and the earliest release that fixes the vulnerabilities.

Introduction

Cisco has released 21 security advisories that cover 29 vulnerabilities in its scheduled bundle of Cisco Adaptive Security Appliance Software (ASA), Firepower Management Center (FMC) Software, and Firepower Threat Defense (FTD) Software Advisories.

The bundled publication includes 1 advisory with a critical security impact rating, 11 with high security impact, and 9 advisories with medium impact. Of these advisories, special attention should be given to the critical impact advisory, described below.

cisco-sa-fmc-radius-rce-TNBKf79 - Cisco Secure Firewall Management Center Software RADIUS Remote Code Execution (RCE) Vulnerability
- CVSSv3 score: 10.0
- Successful exploitation of this vulnerability could allow an unauthenticated, remote attacker to inject arbitrary shell commands that are executed by the device.
- Note: For this vulnerability to be exploited, Cisco Secure FMC Software must be configured for Remote Authentication Dial-In User Service (RADIUS) authentication for the web-based management interface, Secure Shell (SSH) management, or both.

More information about the other advisories not described in this cyber alert can be found in the August 2025 Cisco ASA, FMC, and FTD Software Security Advisory Bundled Publication.

Remediation advice

Affected organisations are encouraged to review August 2025 Cisco Secure Firewall ASA, Secure FMC, and Secure FTD Software Security Advisory Bundled Publication and its linked advisories and apply any relevant security updates.

Definitive source of threat updates

CVE Vulnerabilities

Status Published

CVE-2025-20265

A vulnerability in the RADIUS subsystem implementation of Cisco Secure Firewall Management Center (FMC) Software could allow an unauthenticated, remote attacker to inject arbitrary shell commands that are executed by the device.  This vulnerability is due to a lack of proper handling of user input during the authentication phase. An attacker could exploit this vulnerability by sending crafted input when entering credentials that will be authenticated at the configured RADIUS server. A successful exploit could allow the attacker to execute commands at a high privilege level. Note: For this vulnerability to be exploited, Cisco Secure FMC Software must be configured for RADIUS authentication for the web-based management interface, SSH management, or both.

Last edited: 15 August 2025 12:12 pm